Authentication

Unused user with console logon

Description

A RAM user in Alibaba Cloud can log in to the console with a username and password, or access resources programmatically with access keys. Users who have not used their password in the last 90 days should have their console logon disabled. This reduces the chance that an attacker will use a neglected account or an account with a compromised password. The user {AliCloudUser} (ID: {AliCloudUser.UserId}) has not logged in recently, so its console logon should be disabled.
Recommended Mitigation

Disable the console logon using the console, or remove the login profile of the user using the CLI.
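
The following is an added example, not part of the original rule text or of any vendor tooling: it applies the 90-day check to user records and builds the CLI calls that remove the login profile. It assumes records shaped like RAM `GetUser` output (`UserName`, `CreateDate`, `LastLoginDate`), a constructed `HasLoginProfile` flag derived from whether `GetLoginProfile` succeeds, and the `aliyun ram DeleteLoginProfile` command for remediation.

```python
import shlex
from datetime import datetime, timedelta, timezone

THRESHOLD = timedelta(days=90)  # window stated in the rule description

def _parse(ts):
    """Parse an ISO 8601 UTC timestamp such as 2024-01-05T08:00:00Z; '' -> None."""
    if not ts:
        return None
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def stale_console_users(users, now):
    """Return names of users whose console logon should be disabled.

    Field names are assumptions: UserName, CreateDate and LastLoginDate as in
    a RAM GetUser response, plus a constructed boolean HasLoginProfile.
    """
    stale = []
    for u in users:
        if not u["HasLoginProfile"]:
            continue  # no password set, so there is no console logon to disable
        # A user who never logged in is aged from the creation time instead.
        last_use = _parse(u.get("LastLoginDate")) or _parse(u["CreateDate"])
        if now - last_use > THRESHOLD:
            stale.append(u["UserName"])
    return stale

def remediation_commands(names):
    """Build the aliyun CLI calls that remove each user's login profile."""
    return ["aliyun ram DeleteLoginProfile --UserName " + shlex.quote(n) for n in names]

# Constructed sample records, not real account data.
SAMPLE_USERS = [
    {"UserName": "alice", "CreateDate": "2023-01-10T09:00:00Z",
     "LastLoginDate": "2024-05-20T14:30:00Z", "HasLoginProfile": True},
    {"UserName": "bob", "CreateDate": "2022-06-01T09:00:00Z",
     "LastLoginDate": "2023-11-02T07:15:00Z", "HasLoginProfile": True},
    {"UserName": "ci-bot", "CreateDate": "2021-03-03T09:00:00Z",
     "LastLoginDate": "", "HasLoginProfile": False},
    {"UserName": "carol", "CreateDate": "2023-09-01T09:00:00Z",
     "LastLoginDate": "", "HasLoginProfile": True},
]

if __name__ == "__main__":
    now = datetime(2024, 6, 1, tzinfo=timezone.utc)
    for cmd in remediation_commands(stale_console_users(SAMPLE_USERS, now)):
        print(cmd)  # review the list before running any of these commands
```

Removing the login profile leaves the user's access keys in place, so programmatic access is unaffected and should be reviewed separately.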